The Petya Ransomware is the latest infection that is affecting companies world wide.
The virus uses multiple techniques to spread and by now many antivirus companies have updated definitions to detect and protect against it, but there are a number of steps you can take to reduce the impact of this threat.
5 steps to protect your systems from ransomware:
- Make sure you have the latest security updates installed regularly.
- Make sure you have an antivirus suite (we prefer Vipre end-point protection, but there are many options for your to choose).
- Do not open emails or attachments from unknown sources, or sources that you do not have established trust.
- Implement a security training program to help you and your staff learn what to look for.
- Backup, backup and more backup.
Make sure you have the latest security updates installed regularly.
Patching your system on a regular basis can prevent you from being affected by some of the ransomware variants. You can set the updates to run automatically, or you can have a company like TheCriticalUpdate.com take care of it in the background. We have tools that can handle this process and protect your data.
Patch management can encompass the Operating System and applications like Adobe reader, Flash, Java, etc. Hackers are looking for ways to exploit vulnerabilities to steal data or take over a machine.
We often hear from Apple users that they do not have to worry about viruses. Unfortunately, this is no longer true. In the past few months, there have been several news reports of attacks directed to Apple users and even a “rent a hacker” platform where criminals share in the profits. Here are a couple of examples: http://www.ubergizmo.com/2017/06/malware-on-mac-on-rise/amp and http://www.newsweek.com/mac-malware-ransomware-hack-mac-os-target-vulnerability-624664?amp=1.
Make sure you have an antivirus suite.
It is amazing how many companies neglect this simple step. An antivirus is your second best friend, after patches. If you do not want to pay for one, there are a number of free options (for home use). Read the license agreement to make sure you comply with their requirements. Many businesses are incorrectly installing free antivirus software in violation of the licensing.
Check your systems with the free Microsoft Safety Scanner http://www.microsoft.com/security/scanner/ . It is designed to detect this threat as well as many others.
We have found that the option that provides the most peace of mind is the managed end point protection suite service that can be provided by your technology consultant. As with patch management, this can be bundled into a robust and cost effective service for your firm.
Do not open emails or attachments from unknown sources.
Email is the most effective way to spread a virus. So criminals have developed many ways to get users to click on the links, attachments, etc. and since it does not cost anything for them to send thousands of emails, they flood the Internet hoping to have a quick payoff.
Implementing a spam filter that does advanced threat protection is one way to help stop these threats from getting through.
Medical and Financial industry providers should have something in place due to the importance of the data they handle. There are also encrypted mail servers that can be implemented, but may not be needed for everyone.
Implement a security training program.
(Learn more at https://tinyurl.com/TrainTCUINC)
Having a way to train your staff is by far the most cost effective and valuable way to protect your environment. We have implemented an extremely cost effective platform to help you achieve this with options such as:
- Weekly training videos.
- Short quizzes and testing to see if staff understand the threats.
- Additional feature provides you with tools to conduct your own security assessment (at a fraction of what it would cost to have it done).
- Additional feature that provides $100,000 benefit in the event of a breach.
Training your staff can help prevent data breaches like this one https://www.engadget.com/amp/2017/06/17/buckle-cash-register-malware/ or this one https://www.cnet.com/google-amp/news/largest-ransomware-ever-demand-south-korea-web-host.
Backup, backup and more backup.
This is the safety net when a data breach or disaster happens to your network. A good backup process can not only save you anxiety and downtime, but it can also prevent your business from closing its doors. One of the statistics that we have seen is that 90% of businesses that lose their data go out of business within a year of that incident.
There are many ways to backup your data. For some businesses, it makes sense to have a backup server with cloud storage, for others a simple USB drive on a regular schedule can work. The main idea is to HAVE A BACKUP. Call us if you need help determining which option to choose or to develop a Disaster Recovery and Business continuity plan.
The Critical Update inc. works together with busy professionals to help reduce the threats to your business. You are the risk takers and the ones who need resources to come beside you to help you be more effective. Call us at 512.336.2970 or email info@TheCriticalUpdate.com to schedule a free call where we can talk about whether it makes sense to implement these solution for your company.
Luis Delgado is a father, husband, community resource, speaker, and entrepreneur who founded The Critical Update, inc (TCUINC) in 2003. TCUINC is a technology consulting firm that has evolved from basic computer support to affordable technology consulting, network management, outsourced IT and cybersecurity. Our clients come from every industry in Central Texas.
Luis is a certified HIPAA professional and is focused on helping business owners create more jobs for Texas families.